package com.isoftstone.securityframework.device.auth.filter;

import java.io.IOException;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.web.filter.authz.PermissionsAuthorizationFilter;
import org.apache.shiro.web.util.WebUtils;
/**
 * 设备权限Filter
 * @author david
 *
 */
public class DevicePermissionsAuthorizationFilter extends PermissionsAuthorizationFilter {

	
	/**
	 * 将Shiro对没有权限访问当前资源的客户端返回的401改写为403
	 */
	@Override
	protected boolean onAccessDenied(ServletRequest request,ServletResponse response) throws IOException {
        WebUtils.toHttp(response).sendError(HttpServletResponse.SC_FORBIDDEN);
		return false;
	}
}
